
Example 1 with OidcConfiguration

Use of `org.pac4j.oidc.config.OidcConfiguration` in the project `cas` (by apereo).

Class `DelegatedClientFactory`, method `configureOidcClient`.

/**
 * Builds one pac4j OIDC client per configured OIDC entry and adds it to {@code properties}.
 *
 * <p>Entries that lack either an id or a secret are skipped. The remaining entries are mapped to a
 * provider-specific client by their {@code type} (GOOGLE, AZURE, KEYCLOAK); anything else,
 * including GENERIC, becomes a plain {@link OidcClient}. A client without an explicit name is
 * named after its class plus a running index, so several clients of the same type stay distinct.
 *
 * @param properties the collection the created clients are added to
 */
protected void configureOidcClient(final Collection<BaseClient> properties) {
    // Running index, used only to disambiguate auto-generated client names.
    final AtomicInteger position = new AtomicInteger();
    pac4jProperties.getOidc().stream()
        // Both a client id and a secret are mandatory; incomplete entries are silently skipped.
        .filter(oidc -> StringUtils.isNotBlank(oidc.getId()))
        .filter(oidc -> StringUtils.isNotBlank(oidc.getSecret()))
        .forEach(oidc -> {
            // A missing type is not tolerated here (NullPointerException); the type is matched case-insensitively.
            final String providerType = oidc.getType().toUpperCase();
            final OidcClient client;
            if ("GOOGLE".equals(providerType)) {
                final OidcConfiguration googleCfg = getOidcConfigurationForClient(oidc, OidcConfiguration.class);
                client = new GoogleOidcClient(googleCfg);
            } else if ("AZURE".equals(providerType)) {
                final AzureAdOidcConfiguration azureCfg = getOidcConfigurationForClient(oidc, AzureAdOidcConfiguration.class);
                // The Azure client is handed a copy of the resolved configuration.
                client = new AzureAdClient(new AzureAdOidcConfiguration(azureCfg));
            } else if ("KEYCLOAK".equals(providerType)) {
                final KeycloakOidcConfiguration keycloakCfg = getOidcConfigurationForClient(oidc, KeycloakOidcConfiguration.class);
                client = new KeycloakOidcClient(keycloakCfg);
            } else {
                // GENERIC and any unrecognised type both get the plain client.
                final OidcConfiguration genericCfg = getOidcConfigurationForClient(oidc, OidcConfiguration.class);
                client = new OidcClient(genericCfg);
            }
            // Every processed entry consumes one index value, whether or not it needs a generated name.
            final int ordinal = position.getAndIncrement();
            if (StringUtils.isBlank(oidc.getClientName())) {
                client.setName(client.getClass().getSimpleName() + ordinal);
            }
            configureClient(client, oidc);
            // NOTE(review): this logs client.toString(); whether pac4j masks the client secret in that
            // string depends on the pac4j version in use — confirm before enabling DEBUG in production.
            LOGGER.debug("Created client [{}]", client);
            properties.add(client);
        });
}

Example 2 with OidcConfiguration

Use of `org.pac4j.oidc.config.OidcConfiguration` in the project `pac4j` (by pac4j).

Class `RunMitreIdOrg`, method `getClient`.

@Override
protected IndirectClient getClient() {
    // Manual test harness against the public mitreid.org demo OP. The client id and secret below
    // are committed in clear text: treat them as test-only fixtures, never as a template.
    final OidcConfiguration mitreConfig = new OidcConfiguration();
    mitreConfig.setDiscoveryURI("https://mitreid.org/.well-known/openid-configuration");
    mitreConfig.setClientId("acdf79d7-0129-4ba3-bc61-a52486cf82ff");
    mitreConfig.setSecret("ALhlPK5ONNGojjZvEiIgyNEUfX1MbAlDXT1dM0-pVQSa-IID5QMq-lEhlawRqejPZ8c70LBqfKyFL79tefmPb7k");
    // "none" is the JWS "unsecured" algorithm (RFC 7518 §3.6): it asks for ID tokens that carry no
    // signature. NOTE(review): how pac4j validates a token with alg=none depends on the pac4j
    // version; this setting must not be copied into a production configuration.
    mitreConfig.setPreferredJwsAlgorithm(JWSAlgorithm.parse("none"));
    final OidcClient mitreClient = new OidcClient(mitreConfig);
    mitreClient.setCallbackUrl(PAC4J_URL);
    return mitreClient;
}

Example 3 with OidcConfiguration

Use of `org.pac4j.oidc.config.OidcConfiguration` in the project `pac4j` (by pac4j).

Class `RunOkta`, method `getClient`.

@Override
protected IndirectClient getClient() {
    // Manual test harness against an Okta preview tenant. The client id and secret below are
    // committed in clear text: assume they are public and test-only.
    final OidcConfiguration oktaConfig = new OidcConfiguration();
    oktaConfig.setDiscoveryURI("https://dev-425954.oktapreview.com/.well-known/openid-configuration");
    oktaConfig.setClientId("ZuxDX1Gw2Kvx4gFyDNWC");
    oktaConfig.setSecret("77kjmDs94pA4UOVkeuYY7XyHnsDmSWoezrc3XZFU");
    // No preferred JWS algorithm is forced here; the choice is left to pac4j's defaults
    // (presumably driven by the discovery document — TODO confirm).
    final OidcClient oktaClient = new OidcClient(oktaConfig);
    oktaClient.setCallbackUrl(PAC4J_URL);
    return oktaClient;
}

Example 4 with OidcConfiguration

Use of `org.pac4j.oidc.config.OidcConfiguration` in the project `ddf` (by codice).

Class `OidcHandlerConfigurationImpl`, method `createOidcConfiguration`.

@VisibleForTesting
OidcConfiguration createOidcConfiguration(String idpType, String realm, String baseUri) {
    // The match is exact and case-sensitive: "keycloak" or "azure" (or a null idpType) do not
    // select a provider-specific configuration but silently fall through to the generic one.
    // NOTE(review): consider whether an unknown idpType should fail loudly instead — confirm with callers.
    if ("Keycloak".equals(idpType)) {
        final KeycloakOidcConfiguration keycloak = new KeycloakOidcConfiguration();
        keycloak.setRealm(realm);
        keycloak.setBaseUri(baseUri);
        return keycloak;
    }
    if ("Azure".equals(idpType)) {
        final AzureAdOidcConfiguration azure = new AzureAdOidcConfiguration();
        // For Azure AD the "realm" argument is used as the tenant; baseUri is not used.
        azure.setTenant(realm);
        return azure;
    }
    // Generic OIDC: neither realm nor baseUri is applied here.
    return new OidcConfiguration();
}

Example 5 with OidcConfiguration

Use of `org.pac4j.oidc.config.OidcConfiguration` in the project `ddf` (by codice).

Class `OidcHandler`, method `getNormalizedToken`.

/**
 * Handler implementing OIDC authentication.
 *
 * <p>Only browser (user-agent) requests are handled here: HEAD requests get a fixed answer,
 * requests that do not look like they come from a browser are left to the other handlers, and for
 * the rest this method either picks up OIDC credentials already present on the request
 * (authorization code, access token or ID token) or redirects the user-agent to the IdP to obtain them.
 *
 * <p>NOTE(review): this method only <em>extracts</em> credentials. Signature, nonce and state
 * validation of whatever came back from the IdP is not done here and must happen wherever the
 * returned {@link OidcAuthenticationToken} is consumed — confirm that path before relying on it.
 *
 * @param request http request to obtain attributes from and to pass into any local filter chains
 *     required
 * @param response http response to return http responses or redirects
 * @param chain original filter chain (should not be called from your handler)
 * @param resolve flag with true implying that credentials should be obtained, false implying
 *     return if no credentials are found.
 * @return result of handling this request - status and optional tokens
 * @throws AuthenticationFailureException
 */
@Override
public HandlerResult getNormalizedToken(ServletRequest request, ServletResponse response, SecurityFilterChain chain, boolean resolve) throws AuthenticationFailureException {
    // Unchecked casts: this handler is only ever wired into an HTTP filter chain.
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    HttpServletResponse httpResponse = (HttpServletResponse) response;
    // HEAD is answered without touching OIDC at all.
    if (httpRequest.getMethod().equals("HEAD")) {
        return processHeadRequest(httpResponse);
    }
    LOGGER.debug("Doing Oidc authentication and authorization for path {}.", httpRequest.getContextPath());
    // pac4j web context for this request, with session state kept in the servlet session.
    JEESessionStore sessionStore = new JEESessionStore();
    JEEContext jeeContext = new JEEContext(httpRequest, httpResponse, sessionStore);
    // Full URL of the current request (scheme/host/path plus query string). It is handed to
    // redirectForCredentials below, presumably as the place to return to after the IdP round-trip.
    // NOTE(review): getRequestURL() is reconstructed from the request, including the Host header;
    // confirm the container or proxy pins the host before this value is used as a redirect target.
    StringBuffer requestUrlBuffer = httpRequest.getRequestURL();
    requestUrlBuffer.append(httpRequest.getQueryString() == null ? "" : "?" + httpRequest.getQueryString());
    String requestUrl = requestUrlBuffer.toString();
    // Peer address as seen by the container. Behind a reverse proxy this is the proxy's address,
    // not the end user's — there is no X-Forwarded-For handling here.
    String ipAddress = httpRequest.getRemoteAddr();
    // The pac4j client is resolved per request URL (presumably to derive the callback URL — TODO confirm).
    OidcClient<OidcConfiguration> oidcClient = configuration.getOidcClient(requestUrl);
    OidcCredentials credentials;
    // Judging by its name, this decision is based on the User-Agent header, which the caller
    // controls. A non-browser caller is not rejected, only left for the other handlers.
    boolean isMachine = userAgentIsNotBrowser(httpRequest);
    if (isMachine) {
        LOGGER.debug("The Oidc Handler does not handle machine to machine requests. Continuing to other handlers.");
        return noActionResult;
    } else {
        // check for Authorization Code Flow, Implicit Flow, or Hybrid Flow credentials
        try {
            credentials = getCredentialsFromRequest(oidcClient, jeeContext);
        } catch (IllegalArgumentException e) {
            // Treated as a misconfigured handler: log it and step aside rather than fail the request.
            LOGGER.debug(e.getMessage(), e);
            LOGGER.error("Problem with the Oidc Handler's configuration. " + "Check the Oidc Handler configuration in the admin console.");
            return noActionResult;
        } catch (TechnicalException e) {
            // pac4j could not make sense of what is on the request: start a fresh round-trip to the IdP.
            // NOTE(review): if the IdP keeps returning something pac4j rejects, this redirects again
            // each time — confirm redirectForCredentials bounds that loop.
            LOGGER.debug("Problem extracting Oidc credentials from incoming user request.", e);
            return redirectForCredentials(oidcClient, jeeContext, requestUrl);
        }
    }
    // if the request has credentials, process it
    // Any one of code / access token / ID token is enough to hand the request on as COMPLETED;
    // which flow produced it is not distinguished here.
    if (credentials != null && (credentials.getCode() != null || credentials.getAccessToken() != null || credentials.getIdToken() != null)) {
        LOGGER.info("Oidc credentials found/retrieved. Saving to session and continuing filter chain.");
        // The token carries the (peer) IP address alongside the credentials and pac4j context.
        OidcAuthenticationToken token = new OidcAuthenticationToken(credentials, jeeContext, ipAddress);
        HandlerResult handlerResult = new HandlerResultImpl(Status.COMPLETED, token);
        // SOURCE identifies this handler as the origin of the result (constant defined elsewhere in the class).
        handlerResult.setSource(SOURCE);
        return handlerResult;
    } else {
        // the user agent request didn't have credentials, redirect and go get some
        LOGGER.info("No credentials found on user-agent request. " + "Redirecting user-agent to IdP for credentials.");
        return redirectForCredentials(oidcClient, jeeContext, requestUrl);
    }
}
